← Back to Skills Marketplace
47vigen

Developer Agent

by Vigen Pouya · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
989
Downloads
0
Stars
8
Active Installs
1
Versions
Install in OpenClaw
/install developer-agent
Description
Orchestrates software development by coordinating with Cursor Agent, managing git workflows, and ensuring quality delivery. Use when implementing development...
README (SKILL.md)

Developer Agent

Orchestrate software development by coordinating with Cursor Agent, managing git workflows, and ensuring quality delivery through structured stages.

Core Principles

  1. Understanding first — Never proceed without 100% understanding. Ask targeted questions when unclear.
  2. Minimal Cursor prompting — Provide only essential information. Let Cursor use its creativity.
  3. Respect Cursor's output — Present Cursor's plan as-is. Never modify or restructure.
  4. Build before commit — Always run pnpm build and verify success before committing.
  5. Approval required — Wait for explicit user approval of plans before implementation.
  6. Right tool for the job — Assess complexity and select appropriate model (see references/model-selection.md).
  7. Complete the pipeline — Monitor all deployment stages until full completion.

Workflow Overview

Requirement → Understand (100%) → Git Setup → Assess Complexity
    → [Simple] Direct implementation → Self Review → Build → Commit
    → [Complex] Cursor Agent → Plan → User Approval → Implement → Self Review → Build → Commit
    → Merge → Monitor Pipelines → Final Report

See references/workflow-details.md for the complete decision tree.

Stage 1: Requirement Comprehension

  1. Read and analyze the requirement.
  2. Explore the codebase thoroughly.
  3. Identify affected components and dependencies.
  4. Assess understanding.

If understanding \x3C 100%: Ask specific questions, request clarifications, explore more. Loop until clarity achieved.

If understanding = 100%: Proceed to Stage 2.

Stage 2: Git Environment Setup

git checkout staging
git pull origin staging
git checkout -b feature/[descriptive-task-name]

Verify branch created. Proceed to Stage 3.

Stage 3: Task Complexity Assessment

Simple (implement directly):

  • Few lines of code (\x3C 10)
  • URLs, links, text, or config changes
  • Single-file minor changes

→ Jump to Stage 7 (Self Review).

Medium to Advanced (use Cursor Agent):

  • Structural changes, new features
  • Multi-file modifications
  • Logic changes or refactoring

→ Proceed to Stage 4.

Stage 4: Planning Decision

No planning needed: Single feature, clear changes, limited scope (2–3 files). → Select implementation model. Jump to Stage 6.

Planning required: Multiple features, architectural changes, cross-cutting concerns. → Proceed to Stage 5.

Stage 5: Plan Creation via Cursor

  1. Select planning model per references/model-selection.md.
  2. Prepare minimal prompt. See references/cursor-guidelines.md.
  3. Send to Cursor with ALL user-provided links and attachments.
  4. Retrieve Cursor's complete output.
  5. Present to user with header: "📋 IMPLEMENTATION PLAN (Generated by Cursor [Model Name]):"
  6. Pause. Wait for explicit approval.

If rejected: Return to Stage 1.

If approved: Proceed to Stage 6.

Stage 6: Implementation via Cursor

  1. Select implementation model per references/model-selection.md.
  2. Send to Cursor: approved plan + all user links/attachments.
  3. Let Cursor implement. Proceed to Stage 7.

Stage 7: Self Review

Checklist:

  • All requirements implemented?
  • Code follows project standards?
  • No bugs or logical errors?
  • Edge cases handled?
  • Performance optimized?
  • Security addressed?
  • Comments and documentation added?
  • Code clean and maintainable?

If any fails: Return to Stage 6, fix, review again.

If all pass: Proceed to Stage 8.

Stage 8: Build Verification

pnpm build

If build fails: Fix issues, return to Stage 6 or 7, run build again.

If build succeeds: Proceed to Stage 9.

Never commit code that fails to build.

Stage 9: Git Operations

git add .
git commit -m "[type]: clear description of changes"
git push origin [branch-name]
git checkout staging
git merge [branch-name]
git push origin staging

Commit types: feat, fix, refactor, style, docs, chore.

Stage 10: Deployment Pipeline Monitoring

Monitor in order until all complete:

  1. Release pipeline
  2. Build pipeline
  3. Deploy pipeline

Do not proceed until all pipelines complete successfully.

Stage 11: Final Report

Deliver report including:

  • Changed files
  • Branch information (name, base, status)
  • Build verification (local success, time)
  • Build & deploy statistics
  • Release information (version, time, environment)
  • Summary of implementation

Resources

  • Workflow details and decision tree: references/workflow-details.md
  • Model selection matrix: references/model-selection.md
  • Cursor interaction guidelines: references/cursor-guidelines.md
  • Final report template: references/report-template.md
Usage Guidance
This skill mostly does what it says (orchestrating development with Cursor and git), but there are gaps and privacy risks you should consider before enabling it: - Confirm where 'Cursor' runs and who/what can access data forwarded to it. The skill instructs sending ALL user-provided links and attachments to Cursor — that can leak sensitive files or secrets if those attachments contain credentials or private data. - The SKILL.md instructs running git and pnpm commands, but the metadata declares no required binaries. Ensure the agent environment actually has git and pnpm available and that the agent is only given access to repositories you are comfortable sharing. - The rule 'Respect Cursor’s output — Never modify' prevents sanitization of Cursor-generated plans. If Cursor might echo secrets or sensitive file contents, you lose an opportunity to redact them. - If you plan to use this skill on private or sensitive codebases, test it first in a sandbox repository. Restrict the agent's repository access and avoid sending confidential attachments. - Ask the skill author (or registry maintainer) to: (1) declare required binaries (git, pnpm), (2) document where Cursor executions occur and who controls those models/hosts, and (3) clarify whether attachments are stored or relayed outside your environment. If the author can confirm Cursor is an internal, trusted component and update metadata to list required tools, the concerns become minor. Without that info, treat this as potentially exposing sensitive artifacts and proceed cautiously.
Capability Analysis
Type: OpenClaw Skill Name: developer-agent Version: 1.0.0 The skill bundle is classified as suspicious due to potential shell injection vulnerabilities and prompt injection risks against the underlying Cursor Agent. Specifically, `SKILL.md` instructs the agent to execute `git` commands (e.g., `git checkout -b feature/[descriptive-task-name]`, `git push origin [branch-name]`) where agent-generated variables like `[descriptive-task-name]` or `[branch-name]` are directly inserted into shell commands without explicit sanitization, posing a risk of shell injection. Additionally, `SKILL.md` and `references/workflow-details.md` instruct the agent to include 'ALL user-provided links and attachments' when prompting the Cursor Agent, which could allow prompt injection against Cursor if a user provides malicious content. While the skill includes a critical mitigating factor of 'explicit user approval' before implementation, these vulnerabilities could still be exploited if the user approves a malicious plan or if the agent's own generated variables are compromised.
Capability Assessment
Purpose & Capability
The skill's name/description (developer orchestration, git workflows, Cursor coordination) matches the instructions. However, it instructs use of runtime tools (git, pnpm) but declares no required binaries; that mismatch suggests either sloppy metadata or hidden requirements. Asking to include all user links/attachments when sending to Cursor is consistent with planning/implementation, but this broad forwarding should be explicit in metadata.
Instruction Scope
Runtime instructions direct the agent to 'explore the codebase thoroughly' and to send 'ALL user-provided links and attachments' to Cursor. That implies reading repository files and transmitting user attachments to another agent/model. The guidance 'Respect Cursor's output — Present Cursor's plan as-is. Never modify or restructure.' prevents the agent from sanitizing or redacting Cursor output before returning it to the user. These behaviors risk unintended exposure of sensitive files/attachments and remove an opportunity to sanitize outputs.
Install Mechanism
No install spec and no code files — lowest technical risk (nothing is written to disk by the skill). The instruction-only nature reduces supply-chain risk.
Credentials
The skill requests no environment variables, credentials, or config paths. Given the declared purpose, that is reasonable. Note however the instructions require networked coordination with Cursor and access to the codebase; those are runtime permissions rather than declared secrets.
Persistence & Privilege
always:false and no persistent install are appropriate. The skill allows normal autonomous invocation (platform default); combined with the instruction to forward attachments and code context to Cursor this raises the potential blast radius, but autonomous invocation on its own is expected and not flagged here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install developer-agent
  3. After installation, invoke the skill by name or use /developer-agent
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of Developer Agent skill. - Automates end-to-end software development workflow, including requirements analysis, git management, build verification, and deployment pipeline monitoring. - Integrates with Cursor Agent for planning and implementation of complex tasks. - Enforces explicit user approval before implementation, strict build verification before commit, and comprehensive self-review procedures. - Provides detailed final reporting after successful deployment.
Metadata
Slug developer-agent
Version 1.0.0
License
All-time Installs 8
Active Installs 8
Total Versions 1
Frequently Asked Questions

What is Developer Agent?

Orchestrates software development by coordinating with Cursor Agent, managing git workflows, and ensuring quality delivery. Use when implementing development... It is an AI Agent Skill for Claude Code / OpenClaw, with 989 downloads so far.

How do I install Developer Agent?

Run "/install developer-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Developer Agent free?

Yes, Developer Agent is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Developer Agent support?

Developer Agent is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Developer Agent?

It is built and maintained by Vigen Pouya (@47vigen); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments